PCX 



WOIOD INmLECrU AL PROPERTY ORG ANIZAHON 
Inienutiooil Buicao 




INTCRNAT10NAL APPUCATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (^dj) 



(51) IntermtioDal Patent Ctwriflcatton ^ ] 
G06F 17/60 



Al 



(11) Itttcmtloiial PubBoitloa Number: WO 00/46725 

(4^ Intcmtloiial PubHcition Date: 10 August 2000 (lOJO^M) 



(21) International Application Kumbcn PCTTUSOQ^l? 

(22) Intematfamal FDIng Date: 3 Febniaiy 2000 (03j02jOO) 



(30) Prioriiy Data: 
09/245.790 



5 Fdmiaiy 1999(0510.99) 



US 



(71) Applicant: FUNDSXPRESS, INC. [US/US); 1 1950 JollyvOIe 

Road. AusUn. TX 78759-2309 (US). 

(72) Inventors: BURNS. Joha A^ 6505 Danwood Drive, Austin, 

TX 78759 (US). LOWELL, Charics, KL; 3308 Riverciwt 
Drive. AuJtin, TX 78727 (US). BHAKTA. RBkcfih, Sa 
13408 C:^»docia Cove. Austin. TK Idrm (US). HART- 
MAN, Sam, D.: 9014 Bhie (}uail Drive. Austin, TX 78758 
(US). 

(74) Agent: CAYWOOD. Michael; Locke UddeU & Sapp, LLP. 
Suite 300. 100 Congress Avenue. Austin, TX 78701 (US). 



(81) Designated States AU, CA, JP, MX, European patent (AT, 
BE. CH, CY, DB, DK, ES. FI, PR, OB. OR. IE. IT. LU. 
MCNL^FT.SE). 



PnbUdied 

With iniemationcd search report 

B^e the expiration of the time limit for amending the 
claims and to be republished in the event of the receipt of 
amendments. 



(54) Title: SYSTEM AND METHOD FOR CXDNDUGTING ONLINE FINANOAL TOANSACTIONS USING BLECTCONIC FUNDS 
TRANSFER AND PUBUC COMMUNICATIONS NETVORKS 



(57) Abstract 



An online financial transaction system and method which 
uses existing public communications nctworic.Gtcm 20, figure 
1) and an EFT networlc (item 22) to enable financial transactions 
by a customer (item 30) in a secure manner without transmitting 
the customer's PIN. The system includes a data center (item 12) 
with secure server (Item 14) and database (item 16) wherein 
the data center is connected to the communications network 
(item 20) and to fhc EFT network fitem 22). Also included In 
the system is a user inteiface (item 28) coimecting authorized 
user (item 30) to the communications network (item 20). 
After establishing the connection, die user (item 30) enters an 
encrypted session with the secure server (item 14). Next, the 
user logs into the secure server (item 14) using an access ID 
and password. Once validated, the user (item 30) is able to 
conduct an online financial transaction without transmitting the 
user's PIN over tiie network (item 20). 
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SYSTEM AND METHOD FOR CONDUCTING ONLINE FINANCIAL 
TRANSACTIONS USING ELECTRONIC FUNDS TRANSFER AND PUBLIC 
COMMUNICATIONS NETWORKS 

5 TECHNICAL FIELD 

This invention relates to an online financial transaction system and method, and 
more particularly to a system and method for account inquiry, funds transfer and bill 
payment using existing electronic fimds transfer and public communications networks 
without the need to transmit a personal identification number CTIN") over the public 

1 0 communications network.. 

BACKGROUND OF THE INVENTION 
With the rapid growth in popularity of the Internet, it has become almost a necessity 
for banks and other financial institutions to be able to offer their customers the ability to 
conduct basic financial transactions, such as account balance inquiry, transfer of funds 

15 between accounts and electronic bill payment, without the assistance of a teller. This ability 
pramits the financial institution customer to perform financial transactions at the customer's 
convenience rather than during normal business hours. In order to meet this need some 
financial institutions have instituted voice activated telephone response systems which allow 
the customer to call the financial institution and conduct fmancial transactions after entering 

20 an ID and validating password. In one existing version of such a telephone system, the 
computer system on which the enabling software resides is connected to an electronic fimds 
transfer ("EFT") network, sometimes referred to as an automated teller machine ("ATM") 
network. Valid financial transaction requests entered by the customer through the telephone 
system are then processed through the existing EFT network in a conventional manner. A 

25 disadvantage of this system is the requirement to use specialized telephone equipment 
having a display. In addition, certain inforaiation (account numbers, personal identification 
numbers ("PIN"s), etc.) that is noraially encrypted and stored on the back of an ATM card in 
the magnetic stripe is needed for the transaction.^ Because the customer is using the 
telephone and no card reader is present, the customer is unable to transfer the encrypted 

30 information during the telephone call. Instead, the infonnation must be stored and 
maintained on a computer system controlled by the financial institution or EFT network. 
The stored infonnation must then be combined with the transaction inforaiation obtained 
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from the customer over the telephone and formatted into a request messaging stream capdble 
of being interpreted by the EFT network. The disadvantage of such a system is that 
\ financial institutions using this system must convey sensitive customer account number and 

password information to tiie third party vendor maintaining the computer system which 

5 processes the requests received via telephone from participating financial institution 
customers. This transfer and storing of sensitive financial information to and by a third 
party poses a potential security risk. 

Another popular method for banking without a teller is through online banking 
services. As more and more financial institutions offer such services to their customers, 

10 there is increased pressure on small fmancial institutions such as, for example, community 
banks, not currently offering similar online services to add them in order to compete 
effectively in the marketplace. In a typical online banking system, the financial institution 
hosts its web site on the financial institution's own computer system. In order to do this, the 
bank must piuchase hardware such as a server, secure routers, and Internet connections. It 

15 must then develop custom online banknig software. Large fmancial institutions with the 
requisite monetary and technical support resources were the first to oflfer online banking 
services to their customers. Because the process of adding online banking services is very 
involved technically and security of the system is always a concern, the larger financial 
institutions were the only entities willing to pay the cost and take on the risk associated with 

20 online banking. 

Several steps are involved in developing a custom online fmancial transaction 
system. First, the financial institution typically selects a third party vendor to assist in the 
identification of hardware to be purchased as well as in the design and development of the 
online system. Even if the fmancial institution decides to develop its custom system 

25 internally, the process is daunting due to the wide range of technical platforms and the 
corresponding variations in cost. If a third party vendor is used, a contract between the 
financial institution and the vendor must be negotiated and signed before work may begin. 
The next step in the process is for the financial institution to work with the vendor in 
developing an interface into the financial institution's core processing system. This 

30 interface alone could take fi:om 120 to 180 days to develop depending on the design and 
testing requirements. During system development, financial institution staff must be trained 
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to operate the system and to handle questions from customers. Thus, the effort to create a 
custom online financial transaction system from flie ground up is enormous and quite costly, 
\ and this has prevented many small- and medium-sized financial institutions bom being able 

to offer the ability to conduct online financial transactions to their customers. 
5 SUMMARY OF THE INVENTION 

The systOTi and method of the present invention makes use of a public 
communications network and at least one EFT netwoiic to enable the conduct of financial 
transactions by a financial institution customer or debit cardholder over the networks. This 
is done over a secure coimection without transmitting the user's PIN. The system includes a 

10 data center with at least one server and at least one database wherein the data center is 
connected to the communications network and to the EFT network. Also included in the 
system is a user interface connecting at least one authorized user to the communications 
network. The database is used to store data corresponding to financial transactions 
requested by a user that are to be processed by the server and sent over the EFT network 

15 without transmitting the user's PIN. The method of the present invwition comprises a user 
connecting to a data center over a public communications network through a user interface. 
Afler establishing the connection, the user enters an encrypted session with the server. 
Next, the user securely logs into the server using an access ID and password that are 
validated before the user is permitted to proceed. Once validated, the user is able to conduct 

20 an online financial transaction without transmitting the user's PIN over the network. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 shows the major components in the present system for conducting authenticated PIN- 
less debits over a public conununications network. 

FIGS. 2A and 2B are a flowchart depicting the steps for conducting financial transactions 
25 over the system of FIG. 1 . 

FIG. 3 is a flowchart of the internal processing steps taken by the system of the present 
invention in the debit phase once the user schedules a bill for payment. 

FIG. 4 is a flowchart of the submit phase of the present invention and depicts the steps taken 
in conjunction with a bill processor for payment of an electronic bill. 
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DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 
The present invootion is directed to a system and method for providing online financial 
transaction services to financial institution debit cardholders and customers who want to 
access their accounts through a public communications network, such as the Internet. 

5 As shown in Fig. 1, the system 10 of the present invention reduces the complexity, 

implementation time and related cost typically associated with developing a custom online 
fmancial transaction system by taking advantage of two existing systems: a public 
communications network 20, such as the Intemet, and an EFT network 22. The term 
'Internet" or **web" used herein should be understood to mean any public communications 

10 network. Connected to these two existing systans is a data center 12. An interface access 
28, such as a browser, with the Internet 20 permits a financial institution customer or other 
user 30 to log into a web site hosted on the data center 12 to conduct financial transactions 
such as obtaining account balances, transferring fimds. and paying bills electronically 
through the interface 28 to the EFT network 22. The customer interface 28 resides on a 

15 secure server 14 at the data center 12. Also connected to the data center 12 is at least one 
database 16 for storing customer financial transactions to be processed by the system 10. In 
the preferred embodiment, the server 14 is DEC Alpha server 4100 although any suitable 
computer known in the art may be used. The database 16 used is Oracle 8 Enterprise 
Edition offered by Oracle, although any database running a relational database management 

20 system and a standard query language such as SQL, 4GL or C with embedded SQL can be 
used. 

The customer interface 28 on the server 14 may be reached either through a fmancial 
institution's own web site or via a web site maintained by the EFT network provider or its 
third party processor. A bill payment processor 26 is also connected to the data center 12 

25 through a communication line. The data center 12 is able to process financial transactions 
over the web 20 by utilizing a connection that exists between the data center 12 and the EFT 
network 22. In other words, a separate interface between the data center 12 and each 
individual fmancial institution 24 is not required since all the necessary financial data is 
obtained directly from the connection between the data cmter 12 and the EFT network 22. 

30 Instead of having to develop, maintain and operate a custom interface into each financial 
institution's core processing system, the present invention makes use of a common interface 
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residing on the data cent^ 12 through which financial institution customers 30 can securely 
conduct their financial transactions. In fliis way, the amount of woric needed to . bring the 
financial institution online is reduced fiom an average of 150 days down to a few hours— 
with all the concomitant savings of time and money. 
5 The present invention has the added advantage of being designed so that eadi 

financial institution 24 using the system 10 can rely on the security and dq)endability of the 
existing EFT network 22 for the communications backbone and authorization protocols for 
processing customers* financial transactions. Thus, the invention provides a simpler way to 
connect financial instinition customers 30 to their financial institutions using personal 

10 computers or any Intemet access device while maintaining the security needed for 
transmitting sensitive financial inforaiation. 

One of the significant features of the present invention is its ability to handle online 
financial transactions by sending a Point of Sale CTOS'O request through the EFT network 
22 without sending the user's PIN, This means of sending requests to the EFT network 22 

15 is possible since the data center 12 is a *1rusted" data center. Data center authentication may 
be achieved by qualifying as a SAS-70 Level 2 data center through the instigation of 
procedures necessary to ensure that proper controls for dealing with sensitive financial 
information are in place so as to prevent fraud, especially in the transfer of fimds, balance 
inquiries, and payment of bills. SAS-70 Level 2 means that the data center has passed a set 

20 of stringent security requirements and is therefore a ^trusted" data center. The data center 
12 validates each user 30 of the system 10 during login by verifying the customer's access 
ID and password. Each customer's account information is stored on the secure server 14 at 
the data center 12 and is uniquely identifiable through proper entry- of the customer's access 
ID and password without use of a customer PIN. Although the customer's debit card 

25 number is included m the stored information, for security reasons the customer's PIN is not. 
Once the data center 12 has the necessary customer authentication, the EFT network 22 will 
accept requests as PIN-less POS transactions for any authorized customer 30 of any 
fmancial institution 24 that is connected to the EFT network 22. to this way. transaction 
requests no longer require the information normally stored in the magnetic stripe on an 

30 ATM debit card to be sent in the message stream from the data center 12 to the EFT 
network 22. More importantly, the magnetic stripe information does not have to be 
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retrieved bom the financial institution 24 or stored at the data center 12 and is therefore not 
subject to the risk of disclosure to others. 
\ Figs. 2 A and 2B are flowcharts of the steps in the operation of the present invention to 

conduct financial transactions over a public communications network 20. such as the 

5 Intcmet, through a participating EFT network 22. As shown in Fig. 2A, the user 30, i.e., the 
bank customer desiring to perform an online banking transaction, launches a web browser 
28 at step 32 which permits access to the public communications network 20. The browser 
software (not shown) must be able to handle an encrypted session between flie user 30 and 
the data center 12. TypicaUy, the browser runs on a personal computer, and the encrypted 

10 session is established through SSL (Secure Socket Layer) although any system for achieving 
an encrypted session will suffice. The specific browser software used may also vary and 
includes, for example, text-based browsers, EMAC browsers, Netscape™, Internet 
Explorer™, and Web TV™. Thus, access is not limited to that through a personal computer 
or web-based kiosk but may be made at any location and via any means permitting such 

15 . access. 

The user 30 then connects to the user interfece on the data center web site at step 34. 
To do this, the user 30 might access his financial instihition's web site or may log into a site 
operated by an EFT network. At stq) 36, the user 30 will enter an encrypted session with 
the secure server at the data center at which time the secure server sets a cookie on the user*s 

20 browser that is used by the data center to identify the user 30 throughout the session. Next, 
the user 30 logs mto the secure server by entering his access ID and password at step 38. If 
the ID and password are valid, the user 30 is presented with a main menu at step 40. If the 
ID and password are not valid, the system denies the user 30 access at step 42. The system 
may permit the user 30 a predetermined number of attempts within a specified time fi-ame to 

25 coirectly enter a valid ID and password before permanently denying access to the system at 
step 44. 

Once the user 30 is authenticated, the user will typically have a range of options 
including accessing customer service at step 46, viewing accounts at step 48, reading 
messages firom a financial institution at step 50, authorizing online bill payments at step 52, 
30 or exiting the system at step 54. Regarding messages the user 30 may receive torn the 
system at step 50, the user is notified at the main menu 40 if there are email messages 
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waiting at step 56. The messages may be encrypted if they contain sensitive financial data, 
or they may be unencrypted email messages sent over the public communications network. 
If the user 30 desires, the user may read email at step 58. 

Referring now to Fig. 2B. if tiie user 30 wants to make a bill payment using the online 
5 system, the user proceeds to the payments page at stq> 60 where previously entered pending 
bills, if any. for the user are listed and displayed. In addition, this page lists various bill pay 
options. To pay a new bill, the user 30 selects the option to pay a new bill at step 62. 

Paying a bill requires various types of information to ensure that the user's account 
with the proper vendor is credited. The first step in this process is the selection of a vendor 

10 to pay. After the user 30 selects the option to pay a new bill at step 62, the user is presented 
with a vendor query page at stq) 64 where the user. is prompted for information about the 
particular vendor to be paid (e.g., address, name, etc.). Based on the infoiroation entered, 
the user 30 can search a database of vendors at step 66 to see if the desired vendor akeady 
exists in the system. A list of hkely vendor matches is presented to the user 30, and then the 

1 5 user can page through and select the desired vendor to pay at step 68. If the. desired vendor 
does not appear in the Ust at step 68, the user has the option of entering the vendor into the 
system database at step 70. Identifying information such as the vendor's name and address 
is entered in the system. Based on this information, the bill processor 26 (see below) may 
issue a paper check to pay the vendor until such time as the voider can be added to the 

20 system. 

Next, the system of the present invention chooses a bill processing entity (such as 
Moneyline Express of Minneapolis, Minnesota). For each user's financial institution 24, the 
data center 12 maintains information regarding bill pay priorities for that institution. This 
information is dictated by each financial instimtion and includes which bill processor 26 it 

25 wishes to use— whether that be Moneyline Express or some other bill payment processor. 
Once a user has requested bill payment be made to a valid vendor, at step 72 the system 
software selects the bill payment processor 26, based on that financial institution's 
preferences, that is able to make a payment fi-om the user to the specified vendor. The next 
step 74 in the process occurs when the user edits, adds and schedules the bill payment 

30 Information such as bill type (one-time or recurring), period, the vendor's account number 
for the user, the user's bank account to be debited for payment, and memo text is added by 
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the user. The system may validate some or all of the infonnation entered by the user into the 
system. Once the user submits the changes or adds the bill at step 78, the payment will 
qjpear on the vending payment screen (previously described at step 60) with the parametCTS 
as entered. The editing process inay also be used by the user at step 76 on any pending bill 

5 displayed on the vending paymait screen, including on the bill just added. The user may 
then add another paymmt, edit an existing payment, return to any of the other services on 
the main menu, or log off the system. 

Referring now to Fig. 3, further automated processing of a bill payment by the system 
10 of the present invention is illustrated When a user schedules a bill to be paid, a debit 

10 record entry is generated and added to the database 16. The debit record entry contains all 
the inforaiation needed for paymfent of the bill through the EFT network 22. At step 80, 
software nmning at the data center periodically checks the database 16 where the pending 
bill payment information is stored. The software is designed to detect when a new bill has 
been scheduled for debiting. After detection, the software continues to monitor the bill, and 

15 when the cutoff time, determined by the financial institution 24 that holds the settlement 
accoimt, is reached, the software retrieves the corresponding bill pay information firom the 
debit record entry in the database. At step 84, the bill pay software first verifies that money 
is available in the account firom which fiinds will be withdrawn. If suflBcient funds are 
unavailable, the bill is rescheduled for payment on the following day at step 86, and a new 

20 record reflecting the revised schedule dale is added to database 16 for that bill payment. 

If funds are adequate to pay the bill at step 84, at step 88 the software creates and sends 
messages to debit the user's account and credit the settlement account, and calls the bill pay 
debit module to process the messages it has created. The software will also create a new bill 
payment record if the bill being paid is a recurring bill such as a mortgage payment. Any 

25 new bill payment record created in this way is then added to the database 16. The bill pay 
debit software processes the messages formed at step 88 by creating and sending encrypted 
messages to other software, referred to as the ATM software, that runs on the data center 
system at step 90. In the preferred embodiment, the messages begin as ASCII text in a 
generic format that is applicable to a variety of EFT networks. Each message is then 

30 encrypted with Kerberos with 3DES, developed by MTT and available finom MPT under 
license, as it is transmitted within the system and processed by the ATM software. Each 
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message is then translated into the specific IS08583 format before being sent to a particular 
EFT network. Use of ASCH, ISO 8583 and Kerbeios with 3DES, however, arc not required 
for messaging, and any format and/or encryption technique may be used. The ATM 
software will then route each message to whichever EFT network (Shazam» Pulse, Honor, 
5 etc.) the user or the user's institution utilizes. In the preferred embodiment, the ATM 
software is written in the C-H- computer language, and the EFT netwoik is Shazam 
(operated by ITS, Inc. of Johnston, Iowa). At step 92, the receiving EFT network system 
converts messages received from the ATM software to a fomiat accepted by the EFT 
network. In this way, the ATM software is able to interface v/ith multiple EFT networks 
10 serving financial institutions across the nation and even around the world. At this point, 
conventional POS processing by the EFT network takes over at step 94. In particular, the 
user's financial institution receives a message fi-om the EFT network advising the fmancial 
institution to pull fimds from the user's account and credit them into the settlement account 
typically maintained by the EFT network. The fimds in the settlement account arc 
15 eventually accessed by a bill payment processor, such as Moneyline Express, for actual biU 
payment to the various vendors to be paid as described in more detail below. 

If the fimds are available, the transfw occurs through the EFT netwoik at step 96 and 
approval of the transaction is sent back to the originator of the request, i.e., to the data center 
12 at step 98. If sufficient fimds are not available, a status message is sent via the EFT 
20 network back to the data center at step 98. Either way. the database at the data center 12 is 
updated at step 100 with infoTmation regarding the approval or rejection of the bill payment. 
If the payment was rejected or an error was encountered, the bill is rescheduled for payment 
on the next day. If bill payment was approved, successful completion of the payment is 
reflected in the database records. Upon the user's next login at step 102, an encrypted 
25 message is sent to the secure server from the database informing the secure server of the 
status of the bill payment at step 104. The bill payment screen is then updated for viewing 
by the user at step 106. fa this way, users are notified on the bill payment screen regarding 
any problems encountered in paying a bill through the system 1 0. That way, the user has the 
opportunity to correct any enrors in the attempted bill payment. Furtheraiore, data regarding 
30 the processing of a bill is constantly logged so that the precise "path'* taken by a particular 
bill through the system can be investigated if needed. 
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Whenever the database records are updated to reflect that a bill payment was properly 
debited in the EFT network, additional steps are required so that the biU pay processor 26 
can pay the necessary vendors and so that the user will receive the necessary recognition 
that the user's account has been paid. As shown in Fig. 4 at step 108, a submit record is 
5 created and added to the database 16 whenever an approval for payment has been received 
ftom the EFT nctwoxk. This record is similar to the debit record described earher. The 
software running at the data center 12 constantly monitors the database for submit records 
and will gather all submit records for a particular bill payment processor 26 at step 110. 
Before sendmg a request to the payment processor, the software obtains the necessary 
10 vendor (name, address, etc.) and user (name, account with vendor to be credited, amount of 
payment, etc.) information. Information for all such bills to be paid by a particular bill 
processor arc retrieved and written to a file in a format prescribed by the payment processor. 
This submit file is then sent to the bUl payment processor 26. Once the bill processor 
receives the file at step 1 12, it processes each record in the file. As a record in the submit 
15 file is processed, the user is kept informed of the status on the bill payment screen via 
communication from the bill processor to the data center which is then used to update the 
database 16. At step 114 the bill processor debits its settlement account for the amount of 
the bill plus any transaction fees associated with the online bill payment, and this status is 
sent back to the data center 12. Next, as shown in step 116, the bill processor credits each 
20 vendor to whom money is owed, and the status of this step is relayed to the data center 12. 
The process is referred to as "sweeping" the money out of the many different customers* 
checking or savings accounts and into the settlement accoimt. 

It is intended that the description of the preferred embodiment of the present invention 
is but one embodiment for implementing the invention. Variations in the description likely 
25 to be conceived of by those skilled in the art still faU within the breadth and scope of the 
disclosure of the present invention. While specific alternatives to components of the 
invention have been described herein, additional alternatives not specifically disclosed but 
known in the art are intended to fall within the scope of the invention. It is understood that 
other applications of the present invention will be apparent to those skilled in the art upon 
30 the reading of the preferred embodiment and a consideration of the fended claims and 
drawings. 
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Wc claim: 

1. An online financial transaction system for use with a public communications 
network and at least one EFT networic to peraiit authorized users having PINs to conduct 
financial transactions over the networks with a financial institution electronically connected 
to the communications network and to the EFT network, the system comprising: 

a data center connected to the communications network and to the EFT network, the 
data center further comprising: 

at least one secure seryer, 
at least one database; and 
a user interface connecting at least one authorized user to the communications 
network wherein the database contains data coiresponding to financial transactions 
requested by a user that are to be processed via the secure server over the EFT network 
without transmitting the usct's PIN. 

2. The system of claim 1 and further mcluding: 

a bill payment processor connected to the data center wherein authorized bill 
payments are made by the bill payment processor at the request of the user. 

3. The system of claim 1 wherein the data center is a SAS-70 Level 2 data center. 

4. A method of conducting online financial transactions over a pubUc communications 
network and at least one EFT network to pemiit authorized users having PINs to conduct 
fmancial transactions over the networks with a financial institution electronically connected 
to the communications network and to the EFT network, the method comprising: 

establishing a communications link to a secure data center server over the public 
communications network via an interface; 

entering an encrypted session with the data center server; 
logging into the data center server with a user's access ID and password pair; 
validating the user's access ID and password pair at the data center server, and 
conducting an online financial transaction without transmitting the user's PIN. 

5. The method of claim 4 wherein the establishing a communications link further 
comprises pointing a web browser to a financial institution's web site on the Internet. 

6. The method of claim 4 wherein the online banking transaction is account inquiry. 
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7. The method of claini 4 wherein the online banking transaction is the transfer of 
funds between user accounts. 

8. The method of claim 4|Wherein the online banking transaction is bill payment 

9. The method of claim 8 further comprising: 
selecting a vendor to pay; 

choosing a bill payment processor, and 
adding bill payment information to the system, 

10. The method of claim 9 wherein selecting a vendor further comprises entering a new 
vendor. 

11. The method of claim 9 wherein selecting a vendor further comprises searching a 
vendor list stored in the data center server based on information entered by the user. 

12. The method of claim 9 wherein choosing a bill payment processor is performed by 
the user. 

13. The method of claim 9 wherein choosing a bill payment processor is accomplished 
by the data center server based on preferences fiom a financial institution. 

14. The method of claim 9 wherein the bill payment infomiation comprises a bill type, a 
period for bill payment, a vendor-user account number, and a user bank account number. 

15. The method of claim 9 further comprising validating the bill payment information. 

16. The method of claim 9 wherein adding bill payment infoimation further comprises: 
editing the bill payment inforaiation; and 

scheduling a bill payment. 

17. The method of claim 9 further comprising: 

generating a new debit record entry corresponding to the bill payment inforaiation; 
detecting the new debit record entry.; 

monitoring the new debit record entry until a cutoff time is reached; 
retrieving bill payment infoimation from the debit record entry; 
verifying that sufficient fimds are available to pay the bill; 

sending messages corresponding to the bill payment information to debit a user's 
account and credit a settlement account; and 

processing the messages for bill payment. 

1 8. The method of claim 1 7 further comprising: 
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updating the database regarding the status of the bill payment. 

19. The method of claim 17 wherein data regarding the status of the bill payment is 
logged in the system. ^ 

20. The method of claim 17 wherein the messages arc encrypted and sent to an EFT 
network. 

2 1 . The method of claim 1 7 wherein processing messages occurs over a POS system. 

22. The method of claim 17 wherein processing messages further includes sending a 
message to the user's financial institution to debit funds from the user's account and to 
credit funds to an EFT network settlement account. 

23. The method of claim 22 further comprising accessing the funds in the EFT network 
settlement account for bill payment to designated vendors. 

24. The method of claim 23 whwein accessing the fimds is performed by the bill 
payment processor. 
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